CVE-2025-8961

Source
https://cve.org/CVERecord?id=CVE-2025-8961
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-8961.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-8961
Downstream
Related
Published
2025-08-14T12:02:08.516Z
Modified
2026-07-11T03:54:58.735494550Z
Severity
  • 1.9 (Low) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P CVSS Calculator
Summary
LibTIFF tiffcrop tiffcrop.c main memory corruption
Details

A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to the public and could be exploited.

Database specific
{
    "cwe_ids": [
        "CWE-119"
    ],
    "cna_assigner": "VulDB",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/8xxx/CVE-2025-8961.json"
}
References

Affected packages

Git / gitlab.com/libtiff/libtiff

Affected ranges

Type
GIT
Repo
https://gitlab.com/libtiff/libtiff
Events
Database specific
{
    "extracted_events": [
        {
            "introduced": "4.7.0"
        },
        {
            "last_affected": "4.7.0"
        }
    ],
    "cpe": "cpe:2.3:a:libtiff:libtiff:4.7.0:*:*:*:*:*:*:*",
    "source": [
        "AFFECTED_FIELD",
        "CPE_STRING"
    ]
}

Affected versions

4.*
4.7.0
v4.*
v4.7.0
v4.7.0rc2

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-8961.json"